Vulnerability
WebBanner
Affected
Selena Sol's WebBanner 4.0
Description
Johannes Westerink found following. At your browser, type simply:
http://yourdomain/random_banner/index.cgi?image_list=alternative_image.list&html_file=../../../../../etc/passwd
... and you should view passwd file as user nobody (if server is
serving page as user nobody...). Trying to execute a command with
| won't work always because the script is running standard with -T
option: #!/usr/bin/perl -T, you can first view the script code
with above way, check if there is a -T option, if not, you can
execute any command as nobody user (....&html_file=|ls -la|).
Solution
Newer version should fix that.